Netspective Communications LLC will implement all necessary communication and network controls to uphold the confidentiality, integrity, and availability of Netspective Communications LLC information assets transmitted through communication networks. [FII-SCF-016-NET-13]
-
Protect all Netspective Communications LLC communications equipment, including computer systems and network devices, to ensure the confidentiality, integrity, and availability of information processing facilities.
-
This document solely presents the information technology and information security policies for the purpose of Netspective Communications LLC’s information technology. The document incorporates International information technology standards. Additionally, Netspective Communications LLC has demonstrated an acceptable level of professional due diligence and focus to ensure the quality and adequacy of the information stated in this document.
-
Network Security Management [FII-SCF-007-MON-01.3]
- All the necessary controls within Netspective Communication LLC shall be identified and implemented to protect the confidentiality, integrity, and availability of sensitive data passing over public networks.
- Network operation responsibility shall be separated from the computer operation responsibility to avoid interference.
- Logging and monitoring of network activities shall be applied to enable recording of any security events.
- Netspective Communication LLC shall implement appropriate network security measures and features, and provide network security resources (Firewall, IDS, etc.) to protect the IT infrastructure.
- Network services agreement shall be defined for network services provided in-house or through third parties and shall include security features, management requirements and service levels.
- When event logs reach a maximum size, the system is not halted through lack of disk space and logging continues with no disruption
-
Information transfer
- To prevent loss, modification, destruction, or misuse of information,Netspective Communication LLC departments shall protect and control exchange of critical business information assets and software.
- Formal controls based on the criticality of information shall be defined to protect the exchange of information through the use of communication facilities.
- Formal agreements shall be established for the exchange of critical business information assets or software with outside organizations.
- These agreements shall include both manual and electronic exchanges.
- These agreements shall reflect the sensitivity of the critical business information assets being exchanged and shall describe any protection requirements.
- These agreements shall specify management responsibilities, notification requirements, packaging and transmission standards, courier identification, responsibilities and liabilities, data and software ownership, protection responsibilities and measures, and all encryption requirements.
- Wherever possible cryptographic techniques shall be used to protect the confidentiality, integrity and authenticity of sensitive information.
- Netspective Communication LLC sensitive or critical information shall not be left on copiers, printers, and facsimile machines, as these could be accessed by unauthorized personnel.
- A formal policy, procedures, and standards shall be established and maintained to protect media transportation beyond Netspective Communication LLC premises against unauthorized access, misuse or corruption.
- Use of an agreed labeling system for sensitive or critical information, ensuring that the meaning of the labels is immediately understood internally and that the information is appropriately protected.
- Appropriate packaging of Netspective Communication LLC media shall be used to protect the contents from any physical damage.
- Controls shall be established to protect electronic messaging (E-mail) from unauthorized access, modifications or denial of service.
- Netspective Communication LLC will identify confidentiality, nondisclosure agreement with suppliers, employees, contractors.